Security Bulletin

U.S. alternative investment platform Yieldstreet disclosed the compromise of some of its customers' data as a result of the LockBit ransomware attack against Evolve Bank & Trust, TechCrunch reports.

Cybernews reports that Indian hospitality guest management platform provider Quoality had the data of more than one million hotel guests leaked as a result of an Elastic cluster misconfiguration.

Infostealer logs, or data exfiltrated by information-stealing malware, could be leveraged to reveal the identities of thousands of individuals using websites sharing child sexual abuse material over the darknet, reports The Record, a news site by...

Attackers have leveraged trojanized versions of Indian software provider Conceptworld's installers for its Copywhiz, Notezilla, and RecentX programs to facilitate the delivery of information-stealing malware, The Hacker News reports.

The cyberattack disrupted national laboratory services, which could slow response to disease outbreaks such as mpox, experts warn.

The Microsoft Security Response Center (MSRC) has always been at the forefront of addressing cyber threats, privacy issues, and abuse arising from Microsoft Online Services. Building on our commitment, we have introduced several updates to the Report...

Multifactor authentication is a good first step, but businesses should look to collect and analyze data to hunt for threats, manage identities more closely, and limit the impact of attacks.

Adversary-in-the-middle attacks can strip out the passkey option from login pages that users see, leaving targets with only authentication choices that force them to give up credentials.

Researchers said they uncovered a new side-channel vulnerability in Intel processors that could potentially allow the leak of sensitive data.

A ransomware attack has become a supply chain issue, thanks to the victim's partnerships with other financial services companies.

Creo Elements/Direct License Servers, which enable industrial design and modeling software, are exposed to the Internet, leaving critical infrastructure vulnerable to remote code execution.

Some organizations are also reaching record-high levels of cyber maturity, at 80% to 90%.